In this week New Scientist there was an article describing the down fall of the SHA-1 to a non-brute force attack.
Bruce Schneier was quoted in the article and also has a couple of posts that go into some more detail.
Cryptanalysis of MD5 and SHA: Time for a New Standard
SHA-1 is Broken
Cryptanalysis of SHA-1
While it seems there is no immediate threat to general internet security, it is clear that the systems used in today’s digital signature systems are failing. As Moore’s Law continues un-abated the limitations that have now been show make it clear. Where gonna need a bigger hash.
